From ed654d220bb93bdbf12e878bef624e095ed16e77 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jan=20=C4=8Cern=C3=BD?= Date: Thu, 11 Jan 2024 16:13:42 +0100 Subject: [PATCH] Create the cron.allow file with correct permissions This way we will ensure that the file is created with correct owner and permissions from the beginning. Uses the new parameters of the file_existence template. These options aren't checked by OVAL, they are only used by remediations. --- .../restrict_at_cron_users/file_cron_allow_exists/rule.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_cron_allow_exists/rule.yml b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_cron_allow_exists/rule.yml index 839bed9baa9..15a6224bc92 100644 --- a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_cron_allow_exists/rule.yml +++ b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_cron_allow_exists/rule.yml @@ -41,3 +41,5 @@ template: vars: filepath: /etc/cron.allow exists: true + fileuid: "0" + filemode: "0600"